package com.yan.base;

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.Scanner;

public class JDBCInjection {
    public static void main(String[] args) throws Exception{

        // 3.获取连接对象
        Connection connection = DriverManager.getConnection("jdbc:mysql:///stguigu", "root", "123456");
        // 4.获取执行sql语句的对象
        Statement statement = connection.createStatement();
        // 5. 执行sql， 可能存在结果， 查询：executeQuery()
        Scanner scanner = new Scanner(System.in);
        String name = scanner.nextLine();
        String sql = "SELECT emp_id,emp_name,emp_salary,emp_age FROM t_emp WHERE emp_name = '"+name+"'";
        ResultSet result = statement.executeQuery(sql);
        // 6. 处理结果
        while (result.next()){
            System.out.println(result.getInt(1)+"\t"+result.getString(2)+"\t"+result.getDouble(3)+"\t"+result.getInt(4));
        }
        // 7. 释放资源
        result.close();
        statement.close();
        connection.close();
    }
}
